Public Key Infrastructure (PKI) is a system that uses a public key and a private key to determine, and verify, a user's identity. The PKI also provides for the “binding” of public keys to users (e.g. associating a certain public key with a particular person or entity). The association of a public key with a user is done with a certificate that includes a user's identity and a public key. A certificate may be requested by a user and verified by a third party that tracks the certificates and whether or not the certificates are valid.
The PKI provides for secure electronic communications between parties. As public networks (e.g. the internet) are not required to have cryptographic interfaces, a user of such a public network cannot be assured that messages are secure from inappropriate interception and review, or even that the intended recipient is in fact the person who receives the message. A common approach to security has been to generate one's own private and public key pairs and to distribute the public key to one's friends. However, this method does not allow an unknown person, or one without the public key, to securely communicate with the user. Such a system is proprietary, not widely accepted, and does not scale well.
Another way to communicate securely is the use of a public key infrastructure. However, these systems require client software, server hardware, and an expensive infrastructure to grant certificates. In use, a validation authority freely distributes public keys and also tracks the status of certificates to determine if they are still valid. In this way, users need not maintain their own public/private key infrastructure. When a new public/private key is requested, there is typically a registration authority who physically hands over a disk or a document containing the private key. The registration authority is usually an employee and is tasked with identifying the party requesting the new public/private key and transferring the new public/private key. Thus, a person (e.g. an employee) is in possession of and control over the private key data.
Any security breach in the chain of entities that have had access to private keys renders all private keys handled by that entity suspect. This is because any entity that has had possession of the new private key could have copied and transferred the private key to an entity other than the rightful requester. For example, when a registration authority is fired, each and every private key handled by that registration authority is now considered invalid because the security breach could have provided an entity, other than the rightful entity, with access to the private key. The parties that had their private keys distributed by the resident authority must now request private keys anew, and spend time and effort to get new private keys. Moreover, the public key infrastructures today having validation authorities are expensive, require significant employee staffing, and present security risks at least due to employees' handling of private keys.
Present approaches for private key delivery and public key sharing suffer from a number of shortcomings. At present, public key infrastructure services generally require large numbers of employees to administer the keys. Moreover, these employees each represent a possible security risk. Further, a user requesting a private key or a certificate must be identified, typically in person, by a registration authority. These registration authorities impose an additional expense and risk in the private key delivery process. Moreover, their identification of the entity to which they deliver the private key is prone to error.
Accordingly, it would be advantageous to facilitate direct delivery of certificates and private keys to users. It would further be advantageous to be able to reduce the number of entities in the trust chain in order to reduce the risk of a security breach, reduce distribution costs, and simplify delivery. It would also be advantageous to identify the receiver of a private key by a physical communication channel and to deliver the private key by a known physical communication channel that identifies the user.